by
Thomas Dworetzky, Contributing Reporter | May 18, 2017
However, it did note in an advisory issued on its website that "Siemens Healthineers recognizes that some of its customers may be facing impact from the recent major cyberattack known as "WannaCry".
“Select Siemens Healthineers products may be affected by the Microsoft vulnerability being exploited by the WannaCry ransomware,"
says a Siemens security bulletin. "The exploitability of any such vulnerability depends on the actual configuration and deployment environment of each product.”
In an update, Siemens Healthineers also highlighted its response in the U.K. to the attack, stating, “we have been working alongside our customers and N.H.S. Digital since we became aware of the ransomware attack on Friday afternoon. This is an emerging situation and our focus is on restoring system operation, as soon as possible, but without compromising on quality. Engineers have been working at affected sites and will remain in constant contact with customers until systems are restored.”
Since the ransomware
broke out last Friday, it has spread to more than 150 countries and 300,000 machines, according to numerous reports.
“The attack, dubbed 'WannaCry', is initiated through an SMBv2 remote code execution in Microsoft Windows,” Kaspersky Lab detailed. “This exploit [codenamed 'EternalBlue'] has been made available on the internet through the Shadow Brokers dump on April 14th, 2017, and patched by Microsoft on March 14.”
The remote execution tool used to “ransom” the systems was part of the cache of hacking tools stolen from the N.S.A. and appearing online since 2016.
The N.H.S. appears to have been particularly vulnerable to the hacking because of its widespread use of the now-unsupported and vulnerable Microsoft Windows XP operating system.
Back to HCB News
